CN1782943A - Integrated access authorization - Google Patents

Integrated access authorization

Info

Publication number: CN1782943A
Authority: CN (China)
Prior art keywords: strategy, mandate, party, resource, computing machine
Legal status: Granted; Expired - Fee Related
Application number: CN200510108867.XA
Other languages: Chinese (zh)
Other versions: CN1782943B (en)
Inventors: G·戈兰, M·韦曼
Current Assignee: Microsoft Corp
Original Assignee: Microsoft Corp
Priority claimed from: US10/957,509 (US7506364B2) and US10/957,029 (US7904956B2)
Application filed by: Microsoft Corp
Publications: CN1782943A (application), CN1782943B (granted)

Classifications

    • H: ELECTRICITY
    • H04: ELECTRIC COMMUNICATION TECHNIQUE
    • H04L: TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00: Network architectures or network communication protocols for network security
    • H04L63/10: Network architectures or network communication protocols for network security for controlling access to devices or network resources
    • H04L63/102: Entity profiles
    • G: PHYSICS
    • G06: COMPUTING; CALCULATING OR COUNTING
    • G06F: ELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00: Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/60: Protecting data
    • G06F21/62: Protecting access to data via a platform, e.g. using keys or access control rules
    • G06F21/6218: Protecting access to data via a platform, e.g. using keys or access control rules to a system of files or objects, e.g. local or distributed file system or database
    • G: PHYSICS
    • G06: COMPUTING; CALCULATING OR COUNTING
    • G06F: ELECTRIC DIGITAL DATA PROCESSING
    • G06F2221/00: Indexing scheme relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F2221/21: Indexing scheme relating to G06F21/00 and subgroups addressing additional information or applications relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F2221/2101: Auditing as a secondary aspect

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Hardware Design (AREA)
  • Theoretical Computer Science (AREA)
  • General Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Physics & Mathematics (AREA)
  • General Health & Medical Sciences (AREA)
  • Software Systems (AREA)
  • Bioethics (AREA)
  • Health & Medical Sciences (AREA)
  • General Physics & Mathematics (AREA)
  • Databases & Information Systems (AREA)
  • Computing Systems (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Storage Device Security (AREA)

Abstract

A facility for performing an access control check as an integral component of an operating system and utilizing a centralized policy store is provided. The facility executes as an integral part of an operating system executing on a computer and receives an authorization query to determine whether a principal has authorization to access a resource. The facility applies a policy maintained in a centralized policy store that is applicable to the principal to determine whether authorization exists to access the resource. If authorization does not exist, the facility denies the authorization query and records an indication of the denial of the authorization in an audit log. The facility may trigger events based on the auditing of authorization queries. The facility may also record an indication of authorization to access the resource in the audit log. The facility may additionally determine whether the authorization query is a request for authorization to perform an inherently dangerous operation, and record an indication of an authorization to perform the inherently dangerous operation in the audit log.

Description

Integrated access authorization
Technical field
The present invention relates to computer security, and in particular to controlling access to resources on a computer system.
Background
With increasing dependence on computers and computer networks, and with the increasing frequency and sophistication of attacks on them, the subject of computer security is becoming ever more prominent in the industry. Current computer security techniques are inadequate to protect applications and operating systems from malicious software ("malware") such as viruses, worms and Trojan horses, which is designed specifically to damage or disrupt a computer system and to perform other unwelcome actions.
Existing access control security models typically rely on a user's credentials to authorize access to resources on a computer. In these models, every process that runs or executes with the same credentials is given the same access rights, whether or not the process needs access to all the resources available to the user. In addition, a process that needs access to a resource (for example to read or write it) specifies the required access at the time the resource is accessed.
For example, a user logs on to a personal computer with a user account and expects to be able to access all word processing documents stored on that personal computer and created with a particular word processing program. To satisfy this expectation, a conventional access control security system grants all programs running in the user's context permission to access all of those word processing documents. This, however, grants an excessive level of permission, because few programs running in the user's context, other than the word processing program, actually need to access any of the word processing documents.
Typically, malware infects processes by exploiting code defects. Once the malware runs inside a compromised process, it inherits the access rights of the user context in which that process runs and gains access to all the resources available to the user, which may be far more than the original process ever needed.
Accordingly, an integrated approach to access authorization that improves and enhances the security of resources on a computer would have significant utility.
Description of the drawings
Fig. 1 is a block diagram illustrating selected components typically incorporated in at least some of the computer systems on which the facility executes.
Fig. 2 is a block diagram illustrating selected components of the facility, according to some embodiments.
Fig. 3 illustrates an example policy suitable for use by the facility, according to some embodiments.
Fig. 4 is a flow chart of a method by which the facility performs auditing of denied access requests, according to some embodiments.
Fig. 5 is a flow chart of a method by which the facility performs auditing of inherently dangerous operations, according to some embodiments.
Fig. 6 is a flow chart of a method by which the facility performs learning to facilitate fine-tuning of a policy, according to some embodiments.
Fig. 7 is a flow chart of a method by which the facility provides a tiered access control check, according to some embodiments.
Fig. 8 is a flow chart of a method by which the facility determines a level of security risk of an application, according to some embodiments.
Fig. 9 is a flow chart of a method by which the facility applies a stricter policy after detecting an anomaly, according to one embodiment.
Fig. 10 is a flow chart of a method by which the facility applies a policy after detecting an anomaly, according to one embodiment.
Detailed description
A software facility ("the facility") is described for protecting a computer system from the adverse effects that can arise from exploits against application and operating system programs on the computer system. In some embodiments, the facility is implemented as an integral part of the operating system and adds a logic-driven access control layer to the operating system. For example, the facility is implemented in a manner that is integral to the operating system's access control mechanism.
The facility may provide an authorization module that receives authorization queries for access to various security-sensitive resources and returns a decision to allow or deny the resource access based on a centralized policy. A policy is a set of rules and practices that determine how resources, such as the network, the file system and applications, are managed and protected. In a centralized policy store, the rules in a policy are kept in one place, which allows rules and/or policies to be revoked centrally and set centrally. This contrasts with a distributed or per-object access control model, which is typically implemented with access control lists bound to physical objects.
The authorization module may be queried directly by the operating system components that service resource access requests issued by user-mode programs, for example applications executing in a user's context. Alternatively, the authorization module may be queried by an "interception layer" that sits on top of those operating system components. The interception layer is code that intercepts the system call functions that user-mode programs use to access resources and applies "wrappers" to the intercepted system call functions. The authorization module makes its access control decision (that is, allow or deny) based on the identity of the principal and the policy that applies to that principal. The principal's identity may be the identity of the application attempting the resource access, for example the application's process, or the combination of the application's identity and the identity of the user on whose behalf the application is executing.
In some embodiments, the facility provides an auditing feature. For example, a policy may indicate that a particular action is subject to auditing, whether authorization is allowed (for example granted) or denied (for example blocked), so that an entry is added to an audit log. The entry may include an indication of the rule that failed, the resource or object, and the principal. For some operations, such as inherently dangerous operations, the entry may include an indication of the rule (whether the rule allowed or denied the request), the resource or object, and the principal. The facility may also trigger events based on auditing. For example, the facility may be configured to notify the principal (for example the application and/or user) or other interested parties of the failed rule or the inherently dangerous operation.
In some embodiments, the facility provides a learning mode feature, in which a rule is tested or reported on rather than enforced. For example, a rule in a policy may specify that a request for authorization to perform an action is to be denied. If learning mode is enabled for the rule, for example by the author of the policy, the facility does not deny the request for authorization to perform the action. Instead, it allows or grants authorization to perform the action and raises an event indicating that the request for authorization to perform the action would have been denied. The facility may generate a report indicating, for example, the rule that would have denied the request, the state of the application before it requested the action, and so on. The learning mode feature makes it easier to fine-tune a policy. For example, the author of a policy can analyze the report and determine whether the policy, or a rule in the policy, needs to be more restrictive or less restrictive.
In some embodiments, the facility executes as part of a tiered access control check. Here, the facility performs its policy check as one part of a series of access control checks. For example, when a resource request is made, a conventional access control mechanism may be invoked first to determine whether there is authorization for the requested resource. After the conventional access control mechanism initially determines that there is authorization for the requested resource, the facility may be invoked to check its policy to determine whether there is authorization for the requested resource. Subsequently, one or more further access control checks may be invoked to finally determine whether there is authorization for the requested resource.
The various embodiments of the facility and its advantages are best understood by referring to Figs. 1-10 of the drawings. The elements of the drawings are not necessarily to scale; emphasis is instead placed on clearly illustrating the principles of the invention. Throughout the drawings, like numerals are used for like and corresponding parts of the various drawings.
Fig. 1 is a block diagram illustrating selected components typically incorporated in at least some of the computer systems on which the facility executes. These computer systems 100 may include one or more central processing units ("CPUs") 102 for executing computer programs; a computer memory 104 for storing programs and data (including data structures) while they are in use; a persistent storage device 106, such as a hard disk, for persistently storing programs and data; a computer-readable media drive 108, such as a CD-ROM drive, for reading programs and data stored on a computer-readable medium; and a network connection 110 for connecting the computer system to other computer systems, such as over the Internet, to exchange programs and/or data (including data structures).
The facility may be described in the general context of computer-readable instructions, such as program modules, executed by computer system 100 or other devices. Generally, program modules include routines, programs, objects, components, data structures and so on that perform particular tasks or implement particular abstract data types. Memory 104 and persistent storage device 106 are computer-readable media that may contain instructions that implement the facility. It will be appreciated that memory 104 and persistent storage device 106 may have various other contents in addition to the instructions that implement the facility.
It will be appreciated that computer system 100 may include one or more display devices for displaying program output, such as a video monitor or LCD panel, and one or more input devices for receiving user input, such as a keyboard, a microphone, or a pointing device such as a mouse. While computer systems 100 configured as described above are typically used to support the operation of the facility, it will be appreciated that the facility may be implemented using devices of various types and configurations, and having various components.
Fig. 2 is a block diagram illustrating selected components of the facility, according to some embodiments. As shown in Fig. 2, the facility includes an authorization module 202, which is implemented as an integral component of an operating system 204 suitable for executing on computer system 100. Authorization module 202 typically serves as an added layer of protection for high-risk processes, such as network-facing applications, network-facing services and operating system components, applications that handle untrusted content, and untrusted code, for example code typically delivered over the Internet. Authorization module 202 provides the logic for performing policy-driven access control of the resources available on computer system 100.
The facility also includes policies 206, from which authorization module 202 makes its access control decisions. Policies 206 are the rules that determine whether to allow or deny a request for authorization to access a resource. In some embodiments, policies 206 are compiled into runtime (for example binary) rules that are enforced by operating system 204 and, in particular, by authorization module 202. In some embodiments, policies 206 are implemented as part of a centralized policy store, which allows policies 206, including the rules in policies 206, to be revoked centrally and set centrally, for example by users and/or administrators.
Authorization module 202 may be queried by the various operating system kernel components 208 that service resource access requests issued by a principal, for example principal 212a. Authorization module 202 may also be queried by an interception layer 210 that intercepts system call functions issued by a principal, for example principal 212b, to access resources. Interception layer 210 applies wrappers to the intercepted system call functions so that authorization module 202 can perform an access control check against the applicable policy 206. For example, applying a wrapper may include determining the identity of the principal and/or various environmental factors associated with computing system 100, and providing this information to authorization module 202 as part of a request for authorization to perform the system call, so that authorization module 202 can perform the access control check. In addition, authorization module 202 may be queried directly by a principal, for example principal 212c.
In some embodiments, the access control check performed by authorization module 202 is a function of the principal making the resource access request and the policy that applies to that principal. Authorization module 202 thus makes its access control decision (that is, allow or deny) based on the identity of the principal, which is either the identity of the calling application or the combination of the identity of the calling application and the identity of the user on whose behalf the application is executing, and on the rules in the policy applicable to the principal. In some embodiments, authorization module 202 may also consider parameters such as, by way of example, the type of access requested and environmental factors, for example whether the computer on which the application is executing is connected to a corporate network or to a public network, in addition to the identity of the principal and the rules in the policy applicable to the principal, when making its access control decision.
In some embodiments, the facility may include an optional anomaly detection module 214, shown in broken or "dashed" lines in Fig. 2. Anomaly detection module 214 is generally used to monitor the behavior of computer system 100 and of the programs executing on computer system 100 in order to detect anomalous states. In some embodiments, anomaly detection module 214 provides the facility with a first notification upon detecting an anomaly and a second notification upon detecting that the previously detected anomaly has ceased. This allows the facility to activate enforcement of policies 206 once an anomaly is detected and to stop enforcing policies 206 once the anomaly has ended. Alternatively, the facility may initially apply a less restrictive set of policies, apply a more restrictive set of policies when an anomaly is detected, and apply the less restrictive set again when the anomaly ends. Anomaly detection module 214 may detect anomalies in a single process executing on computer system 100, in a group of processes executing on computer system 100, or in the entire computer system 100.
The foregoing aspects of the facility are only illustrative and are not intended to suggest any limitation as to the scope of use or functionality of the illustrated components and/or the facility. For example, in some embodiments, authorization module 202 need not be implemented as part of, or integrated into, operating system 204, but may be implemented separately from or outside operating system 204, for example as a non-operating-system program. Moreover, in some embodiments, policies 206 need not be implemented as, or as part of, a centralized policy store. Policies 206 thus need not be kept in one place and may be implemented using, for example, a distributed model. Furthermore, even though policies 206 are depicted as part of, or contained in, authorization module 202, policies 206 need only be accessible to authorization module 202.
In the discussion that follows, embodiments of the facility are described in conjunction with various illustrative examples. It will be appreciated that embodiments of the facility may be used in circumstances that differ significantly from these examples in various respects.
Fig. 3 illustrates an example policy suitable for use by the facility, according to some embodiments. The example policy includes rules to protect a web server application. By way of example, an application process requesting a resource (item 302) is checked to determine whether it is a WebServerX web server process (item 304). If authorization module 202 determines that the requesting application process is a WebServerX web server process, authorization module 202 allows or denies authorization for the requested resource based on the rules included in the policy.
As shown, the example policy contains the privileges or access rights granted to the WebServerX process, and the default is to deny authorization for the requested resource (rule 306) unless a privilege or access right is specified. In other words, authorization for a requested resource is denied unless the policy explicitly grants it. In some embodiments, the policy may include rules that specify access restrictions, for example rules that deny authorization to perform a particular action or deny authorization to access a resource, or rules that cause auditing (for example, logging an event).
The first rule in the example policy is an indication to allow the WebServerX process to write "$html" files (item 308) to "$WebDirectories" (item 310). "$html" is a representation of a set of file types, for example *.html, *.gif and so on. "$WebDirectories" is a representation of a set of directories configured as web directories, which may be defined by an administrator, such as a web administrator, who is different from the author of the policy, such as a security administrator. For example, in response to a WebServerX process requesting to write a file of a type defined by the parameter "$html" to one of the directories defined by "$WebDirectories", authorization module 202 returns an allow decision (that is, a grant of authorization) based on this rule. A rule in the policy can thus apply to dynamically and independently defined groups of objects, such as "$WebDirectories", and to dynamically configurable environment parameters, such as "$html".
The second rule in the example policy is an indication to allow the WebServerX process to write to the "$FTP Upload Directory" (item 312) if the WebServerX process is executing on behalf of User A (item 314). For example, in response to a WebServerX process executing on behalf of User A requesting to write to the "$FTP Upload Directory", authorization module 202 returns an allow decision (that is, a grant of authorization).
The third rule in the example policy is an indication to allow inbound HTTP traffic (item 316). For example, in response to a WebServerX process requesting to receive inbound HTTP data (for example, HTTP data packets transmitted over a network connection), authorization module 202 returns an allow decision (that is, a grant of authorization) based on this rule.
The fourth rule in the example policy is an indication to allow "FTP traffic" (item 318) if the variable "$FTP" is enabled (item 320). Here, "$FTP" is a variable that may be set by an administrator other than the security administrator who created the policy. For example, authorization module 202 performs a run-time check to determine whether the variable "$FTP" is enabled. If it is enabled, then in response to a WebServerX process requesting to send or receive data defined by the parameter "FTP traffic", authorization module 202 returns an allow decision (that is, a grant of authorization) based on this rule. If "$FTP" is not enabled, authorization module 202 returns a deny decision (that is, a denial of authorization) in response to the same access request (item 306).
It will be appreciated that a policy may include rules that define privileges for objects inside and outside the operating system, such as the application process privileges shown in the example above. The rules in a policy may be specified using a rich schema, similar to writing code in a compiled or interpreted programming language. For example, the schema may support conditions and temporal conditions, for example "allow X only if Y", dependencies on dynamically configurable environment parameters and variables, dependencies on environmental factors in a rule, and so on. In addition, the use of parameters makes it easier to create rules that apply to both present and future objects. For example, documents of a particular type may be represented by a parameter, and the parameter can be used to create a rule that specifies a restriction that applies to all documents of that type, whether they exist now or are created later. In some embodiments, a policy may specify that certain decisions are to be referred to the end user, for example through a pop-up dialog box.
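The Fig. 3 policy can be written down as a small default-deny evaluator. The following is an added sketch, not code from the patent: the action names, the directory paths, the "UserA" spelling, and the choice to deny principals that have no policy are all assumptions made for illustration.

```python
import posixpath
from dataclasses import dataclass
from fnmatch import fnmatchcase


@dataclass(frozen=True)
class Query:
    app: str      # identity of the calling application
    user: str     # user on whose behalf the application executes
    action: str   # "write", "net_in" or "net_out" (constructed action names)
    target: str   # absolute path, or protocol name for network actions


@dataclass
class Environment:
    """Sets and variables maintained by administrators, not by the policy author."""
    html_types: tuple = ("*.html", "*.gif")             # $html
    web_directories: tuple = ("/srv/www", "/srv/blog")  # $WebDirectories (constructed)
    ftp_upload_dir: str = "/srv/ftp/upload"             # $FTP Upload Directory (constructed)
    ftp_enabled: bool = False                           # $FTP


def inside(path, directory):
    """True if path lies under directory once '.' and '..' are collapsed."""
    if not path.startswith("/"):
        return False
    path, directory = posixpath.normpath(path), posixpath.normpath(directory)
    return path != directory and posixpath.commonpath([path, directory]) == directory


def rule_web_write(q, env):      # items 308 and 310
    name = posixpath.basename(posixpath.normpath(q.target))
    return (q.action == "write"
            and any(fnmatchcase(name, pat) for pat in env.html_types)
            and any(inside(q.target, d) for d in env.web_directories))


def rule_ftp_upload(q, env):     # items 312 and 314
    return (q.action == "write" and q.user == "UserA"
            and inside(q.target, env.ftp_upload_dir))


def rule_http_in(q, env):        # item 316
    return q.action == "net_in" and q.target == "http"


def rule_ftp_traffic(q, env):    # items 318 and 320: run-time check of $FTP
    return (q.action in ("net_in", "net_out") and q.target == "ftp"
            and env.ftp_enabled)


WEBSERVERX_POLICY = (
    ("web-write", rule_web_write),
    ("ftp-upload", rule_ftp_upload),
    ("http-in", rule_http_in),
    ("ftp-traffic", rule_ftp_traffic),
)


def authorize(q, env):
    """Return (decision, rule name); anything not explicitly granted is denied."""
    if q.app != "WebServerX":                    # item 304
        return ("deny", "no-applicable-policy")  # assumption: no policy means deny
    for name, rule in WEBSERVERX_POLICY:
        if rule(q, env):
            return ("allow", name)
    return ("deny", "default-deny")              # rule 306


if __name__ == "__main__":
    env = Environment()
    for q in (Query("WebServerX", "UserB", "write", "/srv/www/index.html"),
              Query("WebServerX", "UserB", "write", "/srv/www/../../etc/x.html"),
              Query("WebServerX", "UserB", "net_out", "ftp")):
        print(q.target, authorize(q, env))
```

Paths are normalized before the directory test, so a request that names a web directory but climbs out of it with ".." falls through to the default deny.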
Fig. 4 is a flow chart of a method 400 by which the facility performs auditing of denied access requests, according to some embodiments. By way of example, a user (for example UserABC) has logged on to a computer, started a word processing application (for example WPApp), and requested to open a file (for example FileX) stored in a directory (for example YZDir) on the computer. As a result, WPApp issues a request to access the resource FileX stored in directory YZDir. Beginning at a start step, authorization module 202 receives the authorization query at step 402, for example a request for authorization to access FileX stored in YZDir.
At step 404, authorization module 202 identifies the principal requesting authorization to access FileX stored in YZDir. In the example above, the principal may be WPApp or the combination of WPApp and UserABC. At step 406, authorization module 202 identifies, for example from the centralized policy store, the policy applicable to the identified principal, such as policy 206, and performs an access control check based on the identity of the principal and the applicable policy. At step 408, authorization module 202 determines whether the result of the access control check performed at step 406 is to deny access. Continuing the example, at step 408 authorization module 202 analyzes the identified applicable policy to determine whether a rule or privilege in the policy authorizes the principal to access FileX stored in YZDir.
If authorization module 202 determines that the applicable policy authorizes the principal to perform the requested action, then at step 420 authorization module 202 returns an allow decision, which is an indication that the principal is authorized to perform the requested action, and proceeds to an end step. Alternatively, if authorization module 202 determines that the applicable policy does not authorize the principal to perform the requested action, then at step 410 authorization module 202 returns a deny decision, which is an indication that the principal is not authorized to perform the requested action. At step 412, authorization module 202 may return an error string to the principal, informing the principal that it lacks authorization to perform the requested action.
At step 414, authorization module 202 checks whether auditing is enabled. A flag or record associated with the applicable policy or rule may indicate whether to perform auditing. If auditing is not enabled, authorization module 202 proceeds to the end step. Alternatively, if auditing is enabled, authorization module 202 makes an entry in an audit log at step 416. The entry may identify the denied request, the failed rule, the principal, and/or the requested resource.
At step 418, authorization module 202 may trigger one or more events based on the auditing of the denied request. For example, authorization module 202 may provide a security administrator, by e-mail, voice mail, text message and so on, with an indication that the principal attempted to perform an unauthorized action; terminate the application process after the principal attempts to perform the unauthorized action; apply a stricter set of policies after the principal attempts to perform the unauthorized action; and so on. After triggering the events, authorization module 202 proceeds to the end step.
Those skilled in the art will appreciate that, for these and other processes and methods disclosed herein, the functions performed in the processes and methods may be implemented in a different order. Furthermore, the steps shown are only exemplary; some steps may be optional, combined into fewer steps, or expanded into additional steps, without departing from the essence of the invention.
Fig. 5 is a flow chart of a method 500 by which the facility performs auditing of inherently dangerous operations, according to some embodiments. By way of example, a user (for example UserABC) has logged on to a computer, started a web browser program (for example WebBrowser), and requested access to a web page (for example PageX) on a trusted website (for example WebSiteY). As a result, WebBrowser issues a request to retrieve PageX from WebSiteY. Steps 502-508 are substantially similar to steps 402-408 of method 400.
If, at step 508, authorization module 202 determines that the applicable policy does not authorize the principal to perform the requested action, then at step 510 authorization module 202 returns a deny decision, which is an indication that the principal is not authorized to perform the requested action. In the example above, WebBrowser does not have authorization to access the trusted website WebSiteY. At step 512, authorization module 202 may return an error string to the principal, informing the principal that it lacks authorization to perform the requested action. After returning the error string, the authorization module proceeds to an end step.
Perhaps, if authorization module 202 determines that but application strategy mandate party carries out the action of being asked, then returns one and allows decision at step 514 authorization module 202, and it is the indication that the party is authorized to carry out institute's request action.In step 516, authorization module 202 is checked to determine having authorized whether action is intrinsic risky operation.For example, utility routine can be safeguarded the tabulation of an inherent peril operation, and authorization module 202 can check this tabulation is to determine having authorized action whether to be listed in the inherent peril operation.
If find that having authorized action is intrinsic risky operation, then in step 518, authorization module 202 is carried out review operations.For example, authorization module 202 can be charged to indication to carrying out clauses and subclauses of inherent peril request of operating and mandate in the audit log of inherent peril operation.These clauses and subclauses also can comprise the indication of request to the party of the mandate of execution inherent peril operation.Authorization module 202 also can be carried out other action, and these actions can trigger by the mandate of carrying out the inherent peril operation.After step 518 is carried out review operations, or to determine to have authorized action in step 516 be not the inherent peril operation, and authorization module 202 proceeds to end step.
In certain embodiments, authorization module 202 can be charged to the clauses and subclauses of indication to the authorization requests of execution inherent peril operation in the audit log of inherent peril operation.Continue the example presented above, suppose that visit is trusted website WebSiteY and is illustrated as intrinsic risky operation, and but application strategy is not permitted the mandate that WebBrowser visits WebSiteY in addition, then authorization module 202 returns and refuses to determine (step 510), and it is negative to operate the request and the mandate subsequently of writing down the mandate that the execution inherent peril is operated in the audit log at for example inherent peril.But authorization module 202 also record request to the party's of the mandate of carrying out the inherent peril operation indication.
Fig. 6 is a flow diagram of a method 600 by which, according to some embodiments, the utility routine performs learning to facilitate fine-tuning of a policy. As an example, a user (e.g., UserABC) has logged on to a computer, started a web browser program (e.g., WebBrowser), and requested access to a web page (e.g., PageX) on a website (e.g., WebSiteY). As a result, WebBrowser issues a request to retrieve PageX from WebSiteY. Steps 602-608 are substantially similar to steps 402-408 of method 400.
If, in step 608, authorization module 202 determines that the applicable policy authorizes the party to perform the requested action, then in step 610 authorization module 202 returns an allow decision, which indicates that the party is authorized to perform the requested action, and proceeds to an end step. Alternatively, if authorization module 202 determines that the applicable policy does not authorize the party to perform the requested action, then in step 612 authorization module 202 checks whether learning is enabled for the rule in the policy that denies authorization to perform the requested action. Continuing the above example, the policy applicable to WebBrowser may contain a rule that expressly denies WebBrowser access to the Internet, and thus to WebSiteY, but may also provide an indication to apply learning instead of applying the rule.
If authorization module 202 determines that learning is not enabled for the rule that denies authorization to perform the requested action, then in step 618 authorization module 202 returns a deny decision, which indicates that the party is not authorized to perform the requested action. In the above example, the rule that expressly denies WebBrowser access to the Internet, and thus to WebSiteY, may have no indication to apply learning. In that case the rule is applied and WebBrowser is denied authorization to access WebSiteY. In step 620, authorization module 202 may return an error string to the party, informing the party that it lacks authorization to perform the requested action. After returning the error string, the authorization module proceeds to an end step.
Alternatively, if in step 612 authorization module 202 determines that learning is enabled for the rule that denies authorization to perform the requested action, then in step 614 authorization module 202 writes an entry indicating the failed rule to a learning report log. The entry may also include an indication of the party that requested authorization to perform the action that caused the rule to fail. In step 616, authorization module 202 returns an allow decision, which indicates that the party is authorized to perform the requested action, and proceeds to an end step. Thus, instead of applying the applicable rule, authorization module 202 grants authorization to perform the requested action and records an indication of this event. A security officer or other interested user can then analyze the contents of the learning report log to determine whether a rule or policy is too strict or not strict enough, and fine-tune the rule or policy before actually enforcing or implementing it.
In some embodiments, authorization module 202 may write to the learning report log an entry indicating the rule that provided authorization to perform a requested action. Continuing the above example, suppose that a rule expressly authorizes WebBrowser to access the Internet, and thus WebSiteY, and also provides an indication to apply learning. Authorization module 202 then returns an allow decision (step 610) and records an indication of the rule that provided authorization to perform the requested action. This information can also be used to fine-tune the rule or policy. For example, if the entries in the log show that authorization to access a resource is granted too easily, the rule or policy can be adjusted or changed to reduce the instances in which authorization to access the resource is granted.
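The learning branch of method 600 can be sketched as follows. This is an added illustration, not code from the patent: the rule format (glob patterns over resource names), first-match ordering, the default deny when no rule applies, and the names `allow-intranet`, `IntranetSite` and `tuning_summary` are assumptions made for the example.

```python
from collections import Counter
from dataclasses import dataclass, field
from fnmatch import fnmatch


@dataclass(frozen=True)
class Rule:
    name: str
    party: str              # application the rule applies to
    resource: str           # glob pattern over resource names (assumed format)
    allow: bool
    learning: bool = False  # the rule's "apply learning" indication


@dataclass
class AuthorizationModule:
    policy: list                                    # ordered rules, first match wins (assumption)
    learning_log: list = field(default_factory=list)

    def _match(self, party, resource):
        for rule in self.policy:
            if rule.party == party and fnmatch(resource, rule.resource):
                return rule
        return None

    def _record(self, rule, party, resource, effect):
        self.learning_log.append(
            {"rule": rule.name, "party": party, "resource": resource, "effect": effect}
        )

    def authorize(self, party, resource):
        rule = self._match(party, resource)
        if rule is None:
            return "deny"                           # assumption: no applicable rule means deny
        if rule.allow:
            if rule.learning:                       # allow rule under study is logged too
                self._record(rule, party, resource, "granted")
            return "allow"                          # step 610
        if rule.learning:
            self._record(rule, party, resource, "would_deny")  # step 614
            return "allow"                          # step 616: rule is logged, not enforced
        return "deny"                               # step 618: rule is enforced

    def tuning_summary(self):
        """Hits per (rule, effect): the figures a security officer reviews before enforcing."""
        return dict(Counter((e["rule"], e["effect"]) for e in self.learning_log))


# Constructed sample policy using the names from the examples in the text.
SAMPLE_POLICY = [
    Rule("allow-intranet", "WebBrowser", "IntranetSite/*", allow=True, learning=True),
    Rule("deny-internet", "WebBrowser", "*", allow=False, learning=True),
    Rule("deny-yzdir", "WPApp", "YZDir/*", allow=False),  # no learning: enforced
]


def demo():
    module = AuthorizationModule(SAMPLE_POLICY)
    requests = [
        ("WebBrowser", "WebSiteY/PageX"),
        ("WebBrowser", "IntranetSite/Home"),
        ("WPApp", "YZDir/FileX"),
    ]
    decisions = [module.authorize(p, r) for p, r in requests]
    return decisions, module.tuning_summary()


if __name__ == "__main__":
    print(demo())
```

A deny rule that accumulates many `would_deny` entries from legitimate activity is a candidate for loosening before learning is switched off for it.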
Fig. 7 is a flow diagram of a method 700 by which, according to some embodiments, the utility routine provides a layered access control check. Referring again to one of the earlier examples, a user (e.g., UserABC) has logged on to a computer, started a word-processing application (e.g., WPApp), and requested to open a file (e.g., FileX) stored in a directory (e.g., YZDir) on the computer. As a result, WPApp issues a request to access the resource FileX stored in directory YZDir. From a start step, in step 702 authorization module 202 receives an authorization query, for example a request for authorization to access FileX stored in YZDir.
In step 704, the operating system running on the user's computer performs a conventional access control check. Continuing the above example, the operating system may check whether the user has the right to open (e.g., read access) FileX in YZDir. In step 706, the operating system uses its conventional access check mechanism to determine whether to deny the user access to FileX.
If the operating system's conventional access check mechanism determines that the user should be denied access to FileX, then in step 708 the operating system returns a deny decision and proceeds to an end step. The deny decision indicates that the user is not authorized to perform the requested action (e.g., opening FileX). Alternatively, if the operating system's conventional access check mechanism determines that the user should not be denied access to FileX, then in step 710 authorization module 210 identifies the party requesting authorization to access FileX stored in YZDir.
In step 712, authorization module 202 identifies, for example from the centralized policy store, the policy applicable to the identified party, such as policy 206, and performs an access control check based on the identity of the party and the applicable policy. Continuing the above example, authorization module 202 analyzes the identified applicable policy to determine, in step 714, whether a rule or privilege in the policy authorizes the party to access FileX stored in YZDir.
If authorization module 202 determines that the applicable policy authorizes the party to perform the requested action, then in step 720 authorization module 202 returns an allow decision, which indicates that the party is authorized to perform the requested action, and proceeds to an end step. Alternatively, if authorization module 202 determines that the applicable policy does not authorize the party to perform the requested action, then in step 716 authorization module 202 returns a deny decision, which indicates that the party is not authorized to perform the requested action. In step 718, authorization module 202 may return an error string to the party and proceed to an end step. The error string may inform the party that it lacks authorization to perform the requested action.
It will be appreciated that the layered access check can be performed in the reverse of the order shown in method 700. For example, authorization module 202 first performs its access control check. If authorization module 202 determines that authorization should be granted for access to the particular resource, the operating system then performs its security check using its conventional access control mechanism.
Fig. 8 is a flow diagram of a method 800 by which, according to some embodiments, the utility routine determines the level of security risk of an application. In particular, the utility routine estimates the level of security risk and/or the intent of the application based on an analysis of the policy specified for the application. As an example, a user may log on to a computer and request that an application be loaded and/or executed on the computer.
From a start step, in step 802 the operating system running on the user's computer receives the request to load/execute the application. In step 804, the operating system calls the utility routine to determine whether the application has a corresponding policy. For example, the policy applicable to the application may be maintained as part of policy 206. If the utility routine determines that no policy applicable to the application exists, the utility routine notifies the operating system that an applicable policy does not exist. In step 806, the operating system denies the request to load/execute the application and returns an error condition. After denying the request, the operating system proceeds to an end step for this request.
Alternatively, if in step 804 the utility routine determines that a policy applicable to the application does exist, then in step 808 the utility routine analyzes the applicable policy to determine the level of potential security risk associated with, or resulting from, loading/executing the application. The utility routine may base the risk level on the level or scope of the authorizations granted by the rules in the policy. For example, if the rules authorize the application to access many resources or numerous inherently dangerous resources, the utility routine may set the risk level higher than if the rules authorize the application to access only a few relatively safe resources. The utility routine notifies the operating system that an applicable policy does exist, and proceeds to an end step.
Fig. 9 is a flow diagram of a method 900 by which, according to some embodiments, the utility routine applies a stricter policy after detecting an anomaly. As an example, the utility routine running on a computer may have two policies, PolicyA and PolicyB, both applicable to an application. Furthermore, PolicyA is less restrictive than PolicyB, because PolicyA grants authorization to a greater number of resources.
From a start step, in step 902 the utility routine applies the less restrictive PolicyA. In step 904, the utility routine may detect an anomalous state in an instance of the application executing on the computer. Continuing the above example, an instance of the application may be executing on the computer, and the utility routine may monitor the executing application process. While monitoring the application process, the utility routine may detect an anomalous condition or state in the process. For example, the application program may generate a directed graph by tracking previous instances of the application that ran on the computer, the directed graph representing the system calls normally issued by the application, and determine the presence of an anomalous state from a comparison of the system calls made by the current application process with the directed graph.
In step 906, the utility routine applies the stricter PolicyB in response to detecting the anomalous state, and proceeds to an end step. In one embodiment, the utility routine applies the stricter PolicyB to the application process in which the anomalous state was detected. Alternatively, the utility routine may apply the stricter PolicyB to the application (e.g., all instances or processes of the application). Furthermore, depending on the detected anomaly, the application, and/or the particular policy, the utility routine may apply a more restrictive set of policies across the entire computer, for example applying the more restrictive policies to all processes executing on the computer.
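A minimal sketch of method 900 follows, added here as an illustration and not taken from the patent. It assumes the directed graph is the set of consecutive system-call pairs seen in earlier runs, treats any unseen transition as the anomaly signal, and models PolicyA and PolicyB as sets of permitted resources; the traces, process IDs and the `Internet` resource name are constructed.

```python
PROCESS, ALL = "process", "all"   # how widely PolicyB is applied (step 906 variants)


def build_call_graph(traces):
    """Directed graph of system-call transitions seen in earlier application runs."""
    edges = set()
    for trace in traces:
        edges.update(zip(trace, trace[1:]))
    return edges


def unseen_transitions(graph, trace):
    """Transitions in the current trace that the baseline graph never contained."""
    return [edge for edge in zip(trace, trace[1:]) if edge not in graph]


class Enforcer:
    def __init__(self, graph, policy_a, policy_b, scope=PROCESS, threshold=1):
        self.graph = graph
        self.policy_a = frozenset(policy_a)   # less restrictive, applied first (step 902)
        self.policy_b = frozenset(policy_b)   # stricter, applied after an anomaly (step 906)
        self.scope = scope
        self.threshold = threshold            # assumed tuning knob: unseen edges needed to flag
        self.restricted = set()               # PIDs moved to PolicyB
        self.lockdown = False                 # True once PolicyB covers every process

    def observe(self, pid, trace):
        """Step 904: compare the process's system calls with the directed graph."""
        novel = unseen_transitions(self.graph, trace)
        if len(novel) >= self.threshold:
            if self.scope == ALL:
                self.lockdown = True
            else:
                self.restricted.add(pid)
        return novel

    def policy_for(self, pid):
        strict = self.lockdown or pid in self.restricted
        return self.policy_b if strict else self.policy_a

    def authorize(self, pid, resource):
        return resource in self.policy_for(pid)


# Constructed sample data.
BASELINE_TRACES = [
    ["open", "read", "close"],
    ["open", "read", "write", "close"],
]
NORMAL_TRACE = ["open", "read", "write", "close"]
ANOMALOUS_TRACE = ["open", "read", "socket", "connect", "execve"]
POLICY_A = {"YZDir/FileX", "Internet"}
POLICY_B = {"YZDir/FileX"}


def demo(scope=PROCESS):
    enforcer = Enforcer(build_call_graph(BASELINE_TRACES), POLICY_A, POLICY_B, scope)
    enforcer.observe(100, NORMAL_TRACE)
    enforcer.observe(200, ANOMALOUS_TRACE)
    return {pid: enforcer.authorize(pid, "Internet") for pid in (100, 200)}


if __name__ == "__main__":
    print(demo(PROCESS))
    print(demo(ALL))
```

With `scope=PROCESS` only the flagged process loses access to resources outside PolicyB; with `scope=ALL` every process on the machine does.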
Fig. 10 is a flow diagram of a method 1000 by which, according to some embodiments, the utility routine applies a policy after detecting an anomaly. As an example, the utility routine running on a computer may have a policy, PolicyA, applicable to a web application. Beginning from a start step, in step 1002 the utility routine does not apply the policy to the web application. PolicyA is thus dormant and is not applied to instances of the web application executing on the computer. In step 1004, the utility routine may detect an anomalous state in an instance of the web application executing on the computer.
Continuing the above example, an instance of the web application may be executing on the computer, and the utility routine may monitor the executing web application process. While monitoring the application process, the utility routine may detect an anomalous condition or state in the process. For example, the application program may monitor the network traffic generated or caused by the web application process, and determine from this network traffic that an anomalous state has appeared in the web application process. In step 1006, the utility routine may apply the dormant policy PolicyA to the web application (for example, to the web application process in which the anomaly was detected), and proceeds to an end step. Alternatively, the utility routine may apply PolicyA to all instances or processes of the web application. The dormant policy is thus activated and applied to the web application.
From the foregoing, it will be appreciated that, although specific embodiments of the invention have been described herein for purposes of illustration, various modifications may be made without departing from the spirit and scope of the invention. Accordingly, the invention is not limited except as by the appended claims.

Claims (46)

1. A system for auditing requests for authorization to access resources provided on a computing system, the system comprising:
a centralized policy store having at least one policy, the policy having one or more rules; and
an authorization component operable to execute as a component of an operating system suitable for execution on the computing system, the authorization component further operable to:
identify a request by a party to access a resource;
apply the policy to the party to determine whether to deny authorization to access the resource; and
in response to determining to deny authorization to access the resource, return a deny decision denying authorization to access the resource, and record the denial of authorization in an audit log.
2. The system of claim 1, wherein the authorization component is further operable, in response to determining to deny authorization to access the resource, to record an indication of the party in the audit log.
3. The system of claim 1, wherein the authorization component is further operable, in response to determining to deny authorization to access the resource, to record in the audit log an indication of the rule in the policy that caused the denial of authorization to access the resource.
4. The system of claim 1, wherein the authorization component is further operable, in response to determining to deny authorization to access the resource, to record an indication of the requested resource in the audit log.
5. The system of claim 1, wherein the authorization component is further operable to trigger an event based on an entry in the audit log.
6. The system of claim 5, wherein the event is an indication of the denied request to an entity other than the party.
7. The system of claim 5, wherein the event is applying a second policy to the party.
8. The system of claim 1, wherein the authorization component is further operable to:
apply the policy to the party to determine whether to allow authorization to access the resource; and
in response to determining to allow authorization to access the resource, return an allow decision allowing authorization to access the resource, and record the allowed authorization in the audit log.
9. The system of claim 8, wherein the authorization component is further operable to:
determine whether the access to the resource involves an inherently dangerous operation; and
in response to determining that the access to the resource involves an inherently dangerous operation, record in the audit log the authorization to access the resource involving the inherently dangerous operation.
10. A method for fine-tuning a policy in a computing system, the method comprising:
providing a centralized policy store, the centralized policy store comprising at least one policy, the policy comprising at least one rule having an indication of whether a learning mode is to be activated for the rule, such that:
if the rule fails and causes denial of authorization to access a resource, and the learning mode is activated, then:
granting authorization to access the resource; and
recording the grant of the authorization and the failure of the rule in a log; and
if the rule fails and causes denial of authorization to access a resource, and the learning mode is not activated, then:
denying authorization to access the resource,
whereby the method is performed by an integral component of an operating system executing on the computing system.
11. The method of claim 10, further comprising:
if the rule allows authorization to access a resource and the learning mode is activated, then:
granting authorization to access the resource; and
recording in the log the grant of the authorization and an indication of the rule responsible for allowing authorization to access the resource.
12. A computer-readable storage medium whose contents cause a computer to:
receive an authorization query, the query relating to a request to perform an operation on the computer;
identify the party requesting to perform the operation;
perform an access control check to determine whether to allow authorization to perform the operation, the access control check being based on the party and a policy applicable to the party, wherein the policy is maintained as part of a centralized policy store, and the policy comprises one or more rules;
in response to determining to allow authorization to perform the operation, determine whether the requested operation is an inherently dangerous operation; and
in response to determining that the requested operation is an inherently dangerous operation, enter an entry into an audit log, the entry recording the authorization to perform the inherently dangerous operation,
whereby the computer instructions execute as an integral component of an operating system suitable for executing on the computer.
13. The computer-readable storage medium of claim 12, further comprising contents that cause the computer to trigger an event based on the entry in the audit log.
14. A computer-readable storage medium whose contents cause a computer to:
receive a request to load an application image into memory;
determine whether the application image intends to access a predetermined resource; and
in response to determining that the application image intends to access the predetermined resource, deny the request to load the application image.
15. The computer-readable storage medium of claim 14, wherein the determination of the intent to access the predetermined resource is based on an analysis of a policy applicable to the application image.
16. A system for performing an access control check, comprising:
an authorization query component operable to receive an authorization query relating to access to a resource;
a party identification component operable to identify the party requesting access to the resource;
a policy identification component operable to identify a policy applicable to the party, the policy consisting of one or more rules, the policy being part of a centralized policy set; and
an access control check component operable to perform an access control check as a function of the party, the policy being applicable to the party and the resource.
17. The system of claim 16, wherein the access control check is further performed according to the requested action on the resource.
18. The system of claim 16, wherein the party is an application instance running on a computer.
19. The system of claim 16, wherein the party is a combination of an application instance running on a computer and the identity of the user on whose behalf the application instance runs.
20. A method for querying the security risk of an application in a computing system, the method comprising:
determining whether there is a policy applicable to an application image;
in response to determining that an applicable policy exists, processing the application image; and
in response to determining that an applicable policy does not exist, not processing the application image.
21. The method of claim 20, further comprising, in response to determining that an applicable policy exists, determining the potential security risk associated with the application image.
22. The method of claim 20, further comprising analyzing the applicable policy to determine the intent of the application image, whereby further processing of the application image is based on the intent of the application image.
23. The method of claim 20, wherein processing the application image comprises loading the application image.
24. The method of claim 20, wherein processing the application image comprises executing the application image.
25. A computer-readable storage medium whose contents cause a computer to:
monitor the computer to detect an anomalous state in the computer; and
in response to detecting an anomalous state in the computer, activate the application of a policy in the computer.
26. The computer-readable storage medium of claim 25, wherein the anomalous state is detected in a process executing on the computer, and the policy is activated for the process.
27. The computer-readable storage medium of claim 25, wherein the anomalous state is detected in a process group, and the policy is activated for the process group.
28. The computer-readable storage medium of claim 25, wherein the policy is activated for all processes executing on the computer.
29. The computer-readable storage medium of claim 25, further comprising contents that cause the computer to:
monitor the computer to detect termination of the anomalous state in the computer; and
in response to detecting termination of the anomalous state in the computer, terminate the application of the policy in the computer.
30. The computer-readable storage medium of claim 25, wherein the computer instructions are integrated into an operating system suitable for executing on the computer, and execute as part of it.
31. The computer-readable storage medium of claim 25, wherein the policy is maintained as part of a centralized policy store.
32. A method for applying policies in a computing system, the method comprising:
applying a first policy to a computer;
monitoring the computer to detect an anomalous state in the computer; and
in response to detecting an anomalous state in the computer, applying a second policy to the computer.
33. The method of claim 32, wherein the first and second policies are applied to a process executing on the computer.
34. The method of claim 32, wherein the first and second policies are applied to an instance of an application executing on the computer.
35. The method of claim 32, wherein the first and second policies are applied to all processes executing on the computer.
36. The method of claim 32, wherein the first policy is less restrictive than the second policy.
37. The method of claim 32, wherein the policies comprise at least one rule for managing a resource on the computer.
38. The method of claim 32, wherein the first and second policies are maintained as part of a centralized policy store.
39. The method of claim 32, further comprising:
monitoring the computer to detect the end of the anomalous state in the computer; and
upon detecting termination of the anomalous state in the computer, terminating the application of the second policy in the computer.
40. The method of claim 39, further comprising applying the first policy to the computer again.
41. A system for applying policies to determine authorization to access resources, the system comprising:
a first policy applicable to a party;
a second policy applicable to the party; and
an authorization module operable to apply the first policy to the party to determine whether the party has authorization to perform a requested action on a computer in a non-anomalous state, the authorization module further operable to apply the second policy to the party to determine whether the party has authorization to perform a requested action on the computer in an anomalous state.
42. The system of claim 41, wherein the party is an application process running on the computer.
43. The system of claim 41, wherein the party is a combination of an application process running on the computer and the user environment in which the application process runs.
44. The method of claim 41, wherein the first and second policies are applied to one process of an application executing on the computer.
45. The system of claim 41, wherein the first and second policies are applied to all processes of an application executing on the computer.
46. The system of claim 45, wherein the first policy and the second policy are maintained as part of an integrated policy.
CN200510108867.XA 2004-10-01 2005-09-30 Integrated access authorization Expired - Fee Related CN1782943B (en)

Applications Claiming Priority (6)

Application Number Priority Date Filing Date Title
US10/957,509 US7506364B2 (en) 2004-10-01 2004-10-01 Integrated access authorization
US10/956,215 2004-10-01
US10/957,509 2004-10-01
US10/956,215 US7685632B2 (en) 2004-10-01 2004-10-01 Access authorization having a centralized policy
US10/957,029 US7904956B2 (en) 2004-10-01 2004-10-01 Access authorization with anomaly detection
US10/957,029 2004-10-01

Publications (2)

Publication Number Publication Date
CN1782943A true CN1782943A (en) 2006-06-07
CN1782943B CN1782943B (en) 2010-05-26

Family

ID=36127203

Family Applications (1)

Application Number Title Priority Date Filing Date
CN200510108867.XA Expired - Fee Related CN1782943B (en) 2004-10-01 2005-09-30 Integrated access authorization

Country Status (2)

Country Link
US (1) US7685632B2 (en)
CN (1) CN1782943B (en)

Families Citing this family (29)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US8181219B2 (en) 2004-10-01 2012-05-15 Microsoft Corporation Access authorization having embedded policies
US7904956B2 (en) 2004-10-01 2011-03-08 Microsoft Corporation Access authorization with anomaly detection
US7818781B2 (en) * 2004-10-01 2010-10-19 Microsoft Corporation Behavior blocking access control
US20060287765A1 (en) * 2005-06-20 2006-12-21 Kraft Harold H Privacy Information Reporting Systems with Broad Search Scope and Integration
US7757269B1 (en) * 2006-02-02 2010-07-13 Mcafee, Inc. Enforcing alignment of approved changes and deployed changes in the software change life-cycle
US7895573B1 (en) 2006-03-27 2011-02-22 Mcafee, Inc. Execution environment file inventory
US20070294322A1 (en) * 2006-06-19 2007-12-20 Cerner Innovation, Inc. Defining privileges in association with the automated configuration, implementation and/or maintenance of a healthcare information system
CN100543760C (en) * 2006-10-12 2009-09-23 神盾股份有限公司 Avoid the data safety method of exposed by table-board search tools encrypted data
US8332929B1 (en) 2007-01-10 2012-12-11 Mcafee, Inc. Method and apparatus for process enforced configuration management
US8370206B2 (en) * 2007-09-14 2013-02-05 Keefe Commissary Network, L.L.C. Method, medium, and system for an inmate privilege kiosk
US8122484B2 (en) * 2008-01-09 2012-02-21 International Business Machines Corporation Access control policy conversion
US9355126B2 (en) * 2009-09-22 2016-05-31 Oracle International Corporation Active auditing in a database system
US8458765B2 (en) * 2009-12-07 2013-06-04 Samsung Electronics Co., Ltd. Browser security standards via access control
CN102812431A (en) 2010-03-22 2012-12-05 Lrdc系统有限公司 A method of identifying and protecting the integrity of a set of source data
US8938800B2 (en) 2010-07-28 2015-01-20 Mcafee, Inc. System and method for network level protection against malicious software
US9112830B2 (en) 2011-02-23 2015-08-18 Mcafee, Inc. System and method for interlocking a host and a gateway
US9594881B2 (en) 2011-09-09 2017-03-14 Mcafee, Inc. System and method for passive threat detection using virtual memory inspection
US8713668B2 (en) 2011-10-17 2014-04-29 Mcafee, Inc. System and method for redirected firewall discovery in a network environment
US8813170B2 (en) 2011-11-10 2014-08-19 Microsoft Corporation Testing access policies
US8844032B2 (en) * 2012-03-02 2014-09-23 Sri International Method and system for application-based policy monitoring and enforcement on a mobile device
US8973146B2 (en) 2012-12-27 2015-03-03 Mcafee, Inc. Herd based scan avoidance system in a network environment
US9578052B2 (en) 2013-10-24 2017-02-21 Mcafee, Inc. Agent assisted malicious application blocking in a network environment
WO2015099699A1 (en) * 2013-12-24 2015-07-02 Intel Corporation Context sensitive multi-mode authentication
US10659466B2 (en) 2016-03-22 2020-05-19 Microsoft Technology Licensing, Llc Secure resource-based policy
US11968241B1 (en) 2019-06-26 2024-04-23 Amazon Technologies, Inc. Auto-tuning permissions using a learning mode
US11736525B1 (en) 2020-06-17 2023-08-22 Amazon Technologies, Inc. Generating access control policies using static analysis
US11991210B2 (en) * 2020-10-26 2024-05-21 Microsoft Technology Licensing, Llc Machine learning-based techniques for identifying deployment environments and enhancing security thereof
CN112202819B (en) * 2020-12-02 2021-02-12 成都掌控者网络科技有限公司 Distributed control authority method and device, computer equipment and storage medium
CN112511569B (en) * 2021-02-07 2021-05-11 杭州筋斗腾云科技有限公司 Method and system for processing network resource access request and computer equipment

Family Cites Families (24)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CA2228687A1 (en) * 1998-02-04 1999-08-04 Brett Howard Secured virtual private networks
JPH11296423A (en) 1998-04-06 1999-10-29 Matsushita Electric Ind Co Ltd System and device for file management and medium
US6412070B1 (en) * 1998-09-21 2002-06-25 Microsoft Corporation Extensible security system and method for controlling access to objects in a computing environment
US6625603B1 (en) * 1998-09-21 2003-09-23 Microsoft Corporation Object type specific access control
US6681331B1 (en) 1999-05-11 2004-01-20 Cylant, Inc. Dynamic software system intrusion detection
JP3546787B2 (en) 1999-12-16 2004-07-28 インターナショナル・ビジネス・マシーンズ・コーポレーション Access control system, access control method, and storage medium
US7185192B1 (en) 2000-07-07 2007-02-27 Emc Corporation Methods and apparatus for controlling access to a resource
US7080077B2 (en) 2000-07-10 2006-07-18 Oracle International Corporation Localized access
US7350204B2 (en) * 2000-07-24 2008-03-25 Microsoft Corporation Policies for secure software execution
US7013332B2 (en) 2001-01-09 2006-03-14 Microsoft Corporation Distributed policy model for access control
US7313822B2 (en) 2001-03-16 2007-12-25 Protegrity Corporation Application-layer security method and system
US7251831B2 (en) 2001-04-19 2007-07-31 International Business Machines Corporation Method and system for architecting a secure solution
US7020645B2 (en) * 2001-04-19 2006-03-28 Eoriginal, Inc. Systems and methods for state-less authentication
US7231661B1 (en) 2001-06-21 2007-06-12 Oracle International Corporation Authorization services with external authentication
US7171688B2 (en) 2001-06-25 2007-01-30 Intel Corporation System, method and computer program for the detection and restriction of the network activity of denial of service attack software
US6957261B2 (en) * 2001-07-17 2005-10-18 Intel Corporation Resource policy management using a centralized policy data structure
JP2003216943A (en) * 2002-01-22 2003-07-31 Toshiba Corp Image processing device, compiler used therein and image processing method
US7467142B2 (en) 2002-07-11 2008-12-16 Oracle International Corporation Rule based data management
US20040128537A1 (en) 2002-12-30 2004-07-01 International Business Machines Corporation Retrospective policy safety net
US7185015B2 (en) * 2003-03-14 2007-02-27 Websense, Inc. System and method of monitoring and controlling application files
US20050177724A1 (en) 2004-01-16 2005-08-11 Valiuddin Ali Authentication system and method
US7506364B2 (en) 2004-10-01 2009-03-17 Microsoft Corporation Integrated access authorization
US7904956B2 (en) 2004-10-01 2011-03-08 Microsoft Corporation Access authorization with anomaly detection
US20070143851A1 (en) 2005-12-21 2007-06-21 Fiberlink Method and systems for controlling access to computing resources based on known security vulnerabilities

Cited By (13)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN101094097B (en) * 2006-06-23 2010-08-25 联想(北京)有限公司 Hardware access control system and method
CN102667719B (en) * 2009-11-20 2015-08-26 微软技术许可有限责任公司 Resource access is controlled based on Resource Properties
CN102667719A (en) * 2009-11-20 2012-09-12 微软公司 Controlling resource access based on resource properties
US9038168B2 (en) 2009-11-20 2015-05-19 Microsoft Technology Licensing, Llc Controlling resource access based on resource properties
CN110084035A (en) * 2013-07-12 2019-08-02 三星电子株式会社 For suggesting the electronic equipment and method of response guide when refusing
CN110084035B (en) * 2013-07-12 2023-03-24 三星电子株式会社 Electronic device and method for suggesting a response guide when a rejection occurs
CN104601353B (en) * 2013-10-31 2018-07-06 北京神州泰岳软件股份有限公司 The O&M operating method and system of a kind of network security production equipment
CN104601353A (en) * 2013-10-31 2015-05-06 北京神州泰岳软件股份有限公司 Operation and maintenance operation method and system for network security production equipment
CN104732127A (en) * 2015-03-18 2015-06-24 深圳市九洲电器有限公司 Set top box application program management method and system
CN104732127B (en) * 2015-03-18 2018-08-31 深圳市九洲电器有限公司 Set-top box application procedure management method and system
CN107422991A (en) * 2017-07-31 2017-12-01 郑州云海信息技术有限公司 A kind of storage strategy management system
CN112425134A (en) * 2018-07-24 2021-02-26 横河电机株式会社 Device, method, program, and recording medium
CN112425135A (en) * 2018-07-24 2021-02-26 横河电机株式会社 Device, method, program, and recording medium

Also Published As

Publication number Publication date
US20060075461A1 (en) 2006-04-06
CN1782943B (en) 2010-05-26
US7685632B2 (en) 2010-03-23

Similar Documents

Publication Publication Date Title
CN1782943B (en) Integrated access authorization
CN1808325A (en) API for access authorization
US7506364B2 (en) Integrated access authorization
US7904956B2 (en) Access authorization with anomaly detection
CN112703712B (en) Supervised learning system for identity hazard risk calculation
US9038168B2 (en) Controlling resource access based on resource properties
US7890530B2 (en) Method and system for controlling access to data via a data-centric security model
KR20060050768A (en) Access authorization api
JP5069369B2 (en) Integrated access authorization
RU2405198C2 (en) Integrated access authorisation
Naldurg et al. Netra: seeing through access control
Ananthanarayanan et al. Management of conflicting obligations in self-protecting policy-based systems
Shrivastava et al. SQL injection attacks: Technique and prevention mechanism
Banowosari et al. System analysis and design using secure software development life cycle based on ISO 31000 and STRIDE. Case study mutiara ban workshop
CN111400750B (en) Trusted measurement method and device based on access process judgment
Archana Devi et al. Prevention and detection of SQL injection attacks using generic decryption
Kashyap Enhanced role based access control: integrating auditing and authentication
CN116680749A (en) Database access management method and device, storage medium and electronic equipment
CA2518004A1 (en) Integrated access authorization
RU2541170C2 (en) Method of controlling access to information resources of computer networks of different levels of confidentiality
Cheng et al. Improved Access Control Strategy Based on RBAC Model and Its Application
KR101369463B1 (en) Apparatus and method for user access error cognition in computerization system
Bergstein Pyrena: Closing the semantic gap for access control in web-based content management systems
Olusesi et al. Context Dependent Threat-Based Access Control System
Flory Building Context-Aware Access Control In Enterprise Ontologies.

Legal Events

Date Code Title Description
C06 Publication
PB01 Publication
C10 Entry into substantive examination
SE01 Entry into force of request for substantive examination
C14 Grant of patent or utility model
GR01 Patent grant
CF01 Termination of patent right due to non-payment of annual fee

Granted publication date: 20100526

Termination date: 20140930

EXPY Termination of patent right or utility model